Facebook Session Hijack Video

We discovered a major security hole in Facebook almost by accident. The exploit is so trivial I can’t justify calling it hacking. Any time you are on an open WiFi network and accessing Facebook, anyone else on the same network can easily grab your credentials and access Facebook as you, with full access to your account.

We have posted a video demonstrating this to YouTube as well as putting it in the Anonymizer Labs section of our website.

- Lance Cottrell

This entry was posted on Friday, July 2nd, 2010 at 6:33 am and is filed under Announcements, Anonymizer, Computer Security, Internet, Online Privacy, Security Breaches, Wi-Fi.

3 Responses to “Facebook Session Hijack Video”

  1. rodmar Says:

    Nice video.

    The real problem here is not the open wifi access but only the fact that Facebook identifies its users with cookies.

  2. lance Says:

    I would say it is a combination of the very poor security design of the Facebook cookie authentication combined with the ease of intercept provided by the open WiFi.

  3. start Says:

    I agree with you, Lance, the security design of Facebook is ugly!!!
